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(57) ABSTRACT 

The present invention presents an information management 
method wherein, when electronic data stored on a recording 
medium is lost for whatever reason, a user can restore this 
electronic data using backup information. 

License information stoned in a second layer inaccessible to 
a user of the recording medium is read out (Step S31) and 
is encrypted using a medium-specific number of the record- 
ing medium (Step S32), and the encrypted license informa- 
tion is stored in a third layer which the user of the recording 
medium can access at will (Step S33). 
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INFORMATION MANAGEMENT METHOD AND 
INFORMATION MANAGEMENT APPARATUS 

[0001] This is a continuation of International Application 
PCT/JP99/03421, with an international filing date of Jun. 24, 
1999. 

TECHNICAL FIELD 

[0002] The present invention relates to an information 
management method and an information management appa- 
ratus. More specifically, it relates to an information man- 
agement method and an information management apparatus 
used when recording and reading put information on a 
recording medium having medium-specific information. 

BACKGROUND ART 

[0003] Software such as computer programs and the like 
and electronic publications are sold as electronic data stored 
on magneto -optical-disks (MO), digital video disks (DVD), 
floppy diskettes (FD), mini-disks (MD) and other types of 
recording media. Because this type of electronic data is 
generally easy to copy, unauthorized copies are frequently 
made. This leads lo infringements of the copyrights of 
software vendors and electronic publishers, who may as a 
result suffer losses. 

[0004] In order to protect the electronic data stored on 
these types of recording medium, it has been proposed that 
user-specific information be used to generate encrypted 
license information, which is stored in a predetermined area 
on the recording medium, and in this state the recording 
media is distributed. Electronic data such as software and 
publications are encrypted using a predetermined encryption 
key and stored on the recording medium. Further, a decryp- 
tion key for decrypting the encrypted electronic data is 
encrypted using user-specific information, and is stored on 
the recording medium as hcense information. 

[0005] A user can obtain the decryption key by decrypting 
this license information using user-specific information, and 
can use this decryption key to decrypt and thereby make use 
of the encrypted electronic data stored on the recording 
medium. 

[0006] Through the use of this sort of constitution, when 
use rights for electronic data are granted to individual users, 
a common encryption key for encrypting the electronic data 
can be used, and by encrypting a decryption key using 
user-specific information that is different for each user, use 
rights can be granted individually. 

[0007] User-specific information used in these methods 
can be, for example, an apparatus number given to the 
computer or recording medium-driving apparatus that the 
user is using. Thus these methods have the drawbacks of 
preventing the user from using the medium in a different 
apparatus or from transferring the recording medium to 
another party, even if the user had acquired the recording 
medium in a proper manner. 

[0008] Japanese Laid-open patent 5-257816 proposes a 
method whereby medium -specific information is assigned to 
a recording medium, and a decryption key for decrypting 
encrypted electronic data is encrypted using this medium- 
specific information and stored on the recording medium. 



[0009] As in the methods described above, in this method 
loo a common encryption key for encrypting the electronic 
data can be used, and by encrypting a decryption key using 
medium -specific information that is different for each user, 
use rights can be granted individually. 

[0010] In the above-described methods, encrypted elec- 
tronic data is stored in an area that a user can access, and the 
Hcense information for use of this electronic data is stored in 
a secure area that a user cannot access. Therefore, even a 
rightful user cannot read out this license information and 
make a backup, so if for whatever reason the data stored in 
this secure area is lost, the user cannot use the electronic 
data. In such cases, the user needs to have reissue of the use- 
rights from a data administrator such as the software vendor 
or pubUsher, or an agent thereof. Thus to get the rights 
reissued involves extra effort and expense. 

[0011] It is an object of the present invention to provide an 
information management method and information manage- 
ment apparatus wherein a user, even when the license 
information necessary for using electronic data stored on a 
recording medium is lost for whatever reason, can tise 
backup information to restore this lost license information. 

DISCLOSURE OF THE INVENTION 

[0012] In the information management method of the 
present invention, predetermined information stored in a 
predetermined area on a recording medium having medium - 
specific information is encrypted using medium-specific 
information or a key generated therefrom, and is derived 
outside a predetermined area. 

[0013] This information management method can be con- 
stituted so that the recording medium contains a first area 
storing predetermined information and a second area differ- 
ent from the first. 

[0014] Further, this information management method can 
be constituted so that the second area is a user-use area to 
which any information can be written and from which any 
information can be read out in accordance with instructions 
from an external source, and the first area is a secure area 
that cannot be controlled by instructions from an external 
source. 

[0015] In such a case, the information management 
method can be constituted so that the any information stored 
in the second area is encrypted electronic data and the 
predetermined information stored in the first area includes 
license information based on use rights for using the elec- 
tronic data. 

[0016] Further, the information management method can 
be constituted so that the predetermined information is 
encrypted based on medium-specific information or a key 
generated therefrom and stored in a predetermined area. 

[0017] In addition, the predetermined information may be 
encrypted based on information specific to the apparatus that 
drives the recording medium. 

[0018] Further, the information management method can 
be constituted so that the encrypted predetermined informa- 
tion is stored in the second area. 

[0019] In such a case, the information management 
method can be constituted so that the encrypted predeter- 
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mined information stored in the second area is decrypted 
using medium-specific information or a key generated there- 
from, and the predetermined information stored in the first 
area is updated. 

[0020] Further, the information management method can 
be constituted so that when the predetermined information is 
to be derived outside the first area, it is encrypted by 
medium-specific information or a key geoeraled therefrom, 
and by information specific to the apparatus that drives the 
recording medium or a key generated therefrom. 

[0021] In such a case, the information management 
method can be constituted so that the encrypted predeter- 
mined information stored in the second area is decrypted by 
information specific to the apparatus that drives the record- 
ing medium or a key generated therefrom, and medium- 
specific information or a key generated therefrom, and the 
predetermined information stored in the first area is updated. 

[0022] By means of such constitution as described above, 
when predetermined information is derived outside the 
predetermined area in which it is stored, it is encrypted using 
information specific to this mediima; therefore, it is difficult 
to decrypt this information, even if it has been copied to a 
different medium. For example, if, when software or pub- 
lications and the like are stored in a second area, this 
electronic data is stored after having been encrypted using 
an encryption key, and the decryption key for decrypting this 
is encrypted by information specific to this medium and 
stored in a first area to which a user has no access, there is 
no need to change the encryption key for encryption for each 
individual user, and a common encryption key can be used 
for encryption and stored. Because the encrypted decryption 
key stored in the first area is further encrypted using 
medium-specific information and then derived outside the 
first area, a user can make and save a backup copy. Because 
this saved backup data has been encrypted using medium- 
specific information, it is difficult to decrypt even if copied 
onto another medium, and thus it is difficult to obtain the 
decryption key for decrypting the electronic data. 

[0023] Further, even if the information stored in the pre- 
determined area is lost, a user can restore the license 
information using this backup data, and can thus avoid the 
trouble of having the use rights reissued. 

[0024] Further, the information management method can 
be constituted so that the encrypted predetermined informa- 
tion is stored on a second recording medium different from 
the recording medium. 

[0025] In such a case, the information management 
method can be constituted so that encrypted predetermined 
information stored on the second recording medium is 
decrypted by medium-specific information or a key gener- 
ated therefrom, and predetermined information stored in a 
predetermined area is updated. 

[0026] Further, the information management method can 
be constituted so that when predetermined information is 
derived on a second recording medium, it is encrypted by 
medium-specific information or a key generated therefrom 
and information specific to an apparatus that drives the 
second recording medium or a key generated therefrom. 

[0027] In such a case, the information management 
method can be constituted so that the encrypted predeter- 



mined information stored on the second recording medium 
is decrypted by information specific to an apparatus that 
drives the second recording medium or a key generated 
therefrom and medium-specific information or a key gener- 
ated therefrom, and predetermined information stored in a 
predetermined area is updated. 

[0028] Also, it is preferable that it be possible to obtain 
medium -specific information electronically from a record- 
ing medium and that it be visually displayed on the record- 
ing medium, and it is preferable that it be possible to obtain 
information specific to the apparatus that drives the record- 
ing medium and the information specific to the apparatus 
that drives the second recording medium and that they be 
visually displayed on the devices. 

[0029] In such a case, when the above-described backup 
data for license information has been saved on the second 
recording medium, and the data stored in the first area has 
been lost, this lost data can be restored based on the 
information stored on this second recording medium. 

[0030] The information management apparatus relating to 
the present invention has medium-specific information; 
comprises a user-use area to which any information can be 
written and from which any information can be read out in 
accordance with instructions from an external source, and a 
secure area that cannot; be controlled by instructions from 
an external source; and manages information of a recording 
medium wherein license information based on use rights for 
any information stored in a user-use area is stored in a secure 
area, said information management apparatus further com- 
prising write and read -out means for writing any information 
to and reading out any information from the user-use area 
and predetermined information deriving means for encrypt- 
ing license information stored in the secure area using 
medium -specific information or a key generated therefrom 
and deriving the same outside the secure area. 

[0031] The information management apparatus may be so 
constituted that the encrypted license information is stored 
by the write and read-out means in the user- use area. 

[0032] Further, the information management apparatus 
may be constituted so that it further comprises predeter- 
mined information update means that decrypts the encrypted 
license information stored in the user-use area using 
medium -specific information and updates the license infor- 
mation stored in the secure area. 

[0033] Also, the information management apparatus may 
be constituted so that it comprises apparatus-specific infor- 
mation, and the predetermined information deriving means 
encrypts the license information using medium-specific 
information or a key generated therefrom and information 
specific to the apparatus or a key generated therefrom. 

[0034] In such a case, the information management appa- 
ratus may be constituted so that it further comprises prede- 
termined information update means that decrypts encrypted 
license information stored in a user-use area using informa- 
tion specific to the apparatus or a key generated therefrom 
and medium -specific information and updates license infor- 
mation stored in the secure area. 

[0035] Further, the information management apparatus 
may be constituted so that it transmits encrypted license 
information to a second recording medium different from the 
recording medium. 
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[0036] In such a case, the information management appa- 
ratus may be constituted so that it further comprises prede- 
termined information update means that decrypts encrypted 
license information stored on the second recording medium 
and updates license information stored in the secure area. 

[0037] Further, the information management apparatus 
may l^e constituted so that an apparatus that drives the 
second recording medium contains apparatus-specific infor- 
mation, and predetermined information deriving means 
encrypts license information using medium-specific infor- 
mation or a key generated therefrom and information spe- 
cific to the apparatus that drives the second recording 
medium or a key generated therefrom. 

[0038] In such a case, the information management appa- 
ratus may be constituted so that it further comprises prede- 
termined information update means that decrypts encrypted 
license information stored on the second recording medium 
using information specific to the apparatus that drives the 
second recording medium or a key generated therefrom and 
medium-specific information and updates license informa- 
tion stored in the secure area. 

BRIEF DESCRIPTION OF THE DRAWING 

[0039] FIG. 1 is a conceptual view showing the recording 
of a recording medium used in the present invention. 

[0040] FIG. 2 is a simplified block diagram of the licens- 
ing side. 

[0041] FIG. 3 is a block diagram for illustrating the 
present invention. 

[0042] FIG. 4 is a simplified block diagram of a first 
embodiment. 

[0043] FIG. 5 is a control flow chart of the contents 
storage processing. 

[0044] FIG. 6 is a control flow chart of the decryption 
processing. 

[0045] FIG. 7 is a control flow chart of the backup 
processing. 

[0046] FIG. 8 is a simplified block diagram of another 
embodiment. 

[0047] FIG. 9 is a flow chart showing license information 
update processing. 

[0048] FIG. 10 is a simplified block diagram of another 
embodiment. 

[0049] FIG. 11 is a control flowchart of the embodiment 
of FIG. 10. 

[0050] FIG. 12 is a control flowchart of the embodiment 
of FIG. 10. 

[0051] FIG. 13 is a simplified block diagram of another 
embodiment. 

[0052] FIG, 14 is a control flowchart of the embodiment 
of FIG. 13. 

[0053] FIG, 15 is a control flowchart of the embodiment 
of FIG. 13, 



BEST MODE FOR IMPLEMENTING THE 
INVENTION 

[0054] Embodiments of the present invention wiU be 
explaining while referring to the figures. 

Recording Medium 

[0055] The recording medium used in the present inven- 
tion can be a magneto-optical disk, a DVD, a floppy disk, a 
minidisk, or other recording medium such that a user can 
rewrite data; as an example, FIG. 1 will be used to explain 
the recording area of a magneto-optical disk. 

[0056] A recording medium 1 has a first layer 2 allowing 
read out but not rewrite by a user, a second layer 3 not 
allowing read out and writing according to external instruc- 
tions, and a third layer 4 allowing a user to write any 
information. A medium -specific number 5 decided exclu- 
sively for that medium is stored in the first layer 2, The third 
layer 4 is an area wherein a user can store any information 
7; it is a user contents area that stores computer programs, 
electronic publications, and other data for a user to use. The 
second layer 3 is an area for storing predetermined infor- 
mation 6 which is based on any information stored in the 
third layer 4; for example, license information and the like 
based on tise rights for computer programs and electronic 
publications and the like stored in the third layer 4 are stored 
therein. 

Constitution of the Licensing Side 

[0057] When electronic data is stored in a recording 
medium and distributed, this electronic data is encrypted and 
stored in the recording medium if use rights for the use of 
this electronic data are established separately for each user. 

[0058] For example, as shown in FIG. 2, when electronic 
data is stored in a recording medium 11, a mediimi-specific 
number 15 is stored in a first layer 12, license information 
16 based on use rights is stored in a second layer 13, and 
encrypted contents 17 are stored in a third layer 14. The 
license information 16 is data based on a user's use rights; 
they may be, for example, a decryption key for decrypting 
encrypted contents 17. 

[0059] A licensing side computer 21 comprises individual 
key generating means 22, license information encrypting 
means 23, contents encrypting means 24, encryption key 
table 25, and decryption key table 26. 

[0060] Contents encrypting means 24 encrypts data 27 that 
will form the contents using an encryption key of the 
encryption key table 25, and this is stored in the third layer 
14 of the recording medium 11 as contents. A decryption key 
corresponding to the encryption key of the encryption key 
table 25 is stored in the decryption key table 26. Individual 
key generating means 22 generates a medium individual key 
based on the medium -specific number 15 read out from the 
first layer 12 of the recording medium 11. License informa- 
tion encrypting means 23 encrypts the decryption key of the 
decryption key table 26 using the medium individual key, 
and stores this as the license information 16 in the second 
layer 13 of the recording medium 

User Side Constitution 

[0061] A conceptual illustration of the user-side apparatus 
for driving the recording medium of FIG. 1 is shown in 
FIG. 4. 
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[0062] A drive apparatus 31 comprises write and read out 
means 32 for writing any information 7 to and reading said 
information out from the third layer 3, which is a user-use 
layer, and predetermined information deriving means 33 for 
encrypting predetermined information 6 stored in the second 
layer 3, which is a secure area, using the medium-specific 
number 5 stored in the first layer 2, and deriving it in an area 
outside the second layer 3. Places where predetermined 
information deriving means 33 may encrypt and derive 
predetermined information such as license information 
include, for example, the third layer 4 or another recording 
medium. When encrypted license information is stored in 
the third layer 4 of the recording medium, it can be stored 
by write and read out means 32 as any information 7. 

[0063] A simplified block diagram is shown in FIG. 4 as 
an example of a more detailed constitution. 

[0064] A user side drive apparatus 41 comprises individual 
key generation means 42, license information decrypting 
means 43, a decryption key storage unit 44, contents decryp- 
tion means 45, a decryption data storage unit 46, and license 
information encrypting means 47. 

[0065] Individual key generation means 42 generates a 
medium individual key based on the medium-specific num- 
ber 15 stored in the first layer 12 of recording medium 11; 
what it generates is the same as individual key generated by 
individual key generating means 22 on the licensing side. 
License information decrypting means 43 reads out the 
license information 16 stored in the second layer 13 of the 
recording medium 11, and decrypts this using the individual 
key generated by individual key generation means 42. The 
license information decrypted by license information 
decrypting means 43 is temporarily stored in the decryption 
key storage unit 44. Contents decryption means 45 reads out 
the contents 17 stored in the third layer 14 of the recording 
medium 11, decrypts this using the decryption key stored in 
the decryption key storage unit 44 and stores it in the 
decryption data storage unit 46. 

[0066] License information encrypting means 47 reads out 
the license information 16 of the second layer 13, and 
encrypts it using the medium-specific number 15 stored in 
the first layer 12. In such a case, the medium -specific 
number 15 may be used as is, it may be encrypted using an 
individual key generated by individual key generation 
means 42, and it may be encrypted using an encryption key 
generated from the medium-specific number 15. Thereafter, 
the encrypted license information is stored in the third layer 
14 of the recording medium 11. 

Contents Storage Processing 

[0067] Operations when the licensing side stores elec- 
tronic data in the recording medium 11 are shown in FIG. 
5 as a flow chart. 

[0068] In Step SI, a computer program, electronic publi- 
cation or other electronic data to be stored in the recording 
medium 11 is created. In Step S2, an encryption key for 
encrypting the electronic data is created. In Step S3, the 
electronic data to be encrypted and the encryption key are 
corresponded and stored in the encryption key table 25. 
Simultaneously with this, a decryption key for decrypting 
data encrypted by the encryption key is created, and the 
electronic data and the decryption key are corresponded and 



stored in the decryption key table 26, A key can serve as both 
encryption key and decryption key, and the encryption key 
table 25 and the decryption key table 26 may be combined 
into a single key management table. 

[0069] In Step S4, the encryption key corresponded with 
the electronic data to be encrypted is removed from the 
encryption key table 25. In Step S5, the electronic data is 
encrypted by the encryption key. For example, when using 
DES encryption, substitution and bit transposition is con- 
ducted repeatedly on the electronic data to be encrypted. In 
Step S6, the encrypted electronic data is stored as the 
contents 17 in the third layer 14 of the recording medium 11. 
In Step S7, it is determined whether or not the storage of the 
encrypted electronic data has been completed. If the storage 
of the encrypted electronic data has been fully completed, 
then control proceeds to Step S8. 

[0070] In Step S8, the medium-specific number 15 is read 
out from the first layer 12 of the recording medium 11 and 
an individual key is generated. In Step S9, the decryption 
key corresponding to the electronic data stored as the 
contents 17 in the recording medium 11 is read out from the 
decryption key table 26 and is encrypted by the individual 
key generated in Step S8. After the decryption key corre- 
sponding to the electronic data stored as the contents 17 is 
fully encrypted, this encrypted decryption key is stored as 
the license information 16 in the second layer 13 of record- 
ing medium 11, in Step SIO. 

Decryption Processing of Electronic Data. 

[0071] Because the contents 17 stored in the third layer 14 
of the recording medium 11 arc encrypted by an encryption 
key that the licensing side has created, in order to use these 
contents, the user side needs to decrypt them using the 
appropriate decryption key. The operations at such a time 
will be explained using the flow chart of FIG. 6. 

[0072] When the recording medium 11 has been loaded 
onto the drive apparatus 41 and a data load order has been 
given, in Step S21, the medium-specific number 15 is read 
out from the first layer 12 of the recording medium 11. In 
Step S22, an individual key is generated from the medium- 
specific number 15. The individual key is generated using 
the same algorithm as was used on the licensing side in Step 
S8. In Step S23, the license information 16 stored in the 
second layer 13 of the recording medium 11 is read out and 
decrypted using the individual key generated in Step S22. 
This decrypted license information is a decryption key for 
decrypting the contents 17; this decryption key is corre- 
sponded with electronic data stored in the third layer 14; this 
is made the decryption key table and is temporarily stored in 
the decryption key storage unit 44. 

[0073] In Step S24, the contents 17 stored in the third layer 
14 of the recording medium U are read. In Step S25, the 
read contents 17 are decrypted using the decryption key 
stored in the 44. In Step S26, the decrypted contents are 
executed. 

License Information Backup Processing 

[0074] In the user side drive apparatus 41, the license 
information 16 stored in the second layer 13 of the recording 
medium 11 is saved as backup data. This processing will be 
explained with reference to FIG. 7. 
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[0075] In Step S31, the license information 16 stored in 
the second layer 13 of the recording medium 11 is read out. 
In Step S32, the read out license information 16 is encrypted 
using the medium-specific number 15. This encryption of 
the license information 16 can be conducted using the 
individual key generated in Step S22, or a constitution is 
possible such that the encryption is conducted using a key 
generated from the encryption of the medium -specific num- 
ber 15 by a different algorithm. In Step S33, the encrypted 
license information 16 is stored in the third layer 14 of the 
recording medium 11. 

[0076] In such a constitution, because backup data for the 
encrypted license information 16 has been saved, if the 
backup data of the third layer 14 is read out and returned to 
the second layer 13 when the license information 16 of the 
second layer 13 is lost, the contents 17 can be used without 
waiting for the reissue of the license information 16. In 
addition, because the license information saved in the third 
layer 14 is encrypted by the medium-specific number 15, 
even if what is stored in the third layer 14 of the recording 
medium 11 is perfectly copied, it is difiBcult to restore the 
original license information 16, thus preventing the unau- 
thorized use of the contents 17. 

Other Embodiments 

[0077] (A) An explanation will be given of a case where 
a drive apparatus that drives the recording medium 11 has 
the function of restoring the license information 16 using 
backup data of license information that has been saved in the 
third layer 14, when the license information 16 stored in the 
second layer 13 of the recording medium 11 is lost. 

[0078] FIG. 8 is a control block diagram of a drive 
apparatus 51, which is such an apparatus; individual key 
generation means 42, license information decrypting means 
43, the decryption key storage unit 44, contents decryption 
means 45, the decryption data storage unit 46 and license 
information encrypting means 47 are the same as the 
embodiment of FIG. 4, so the explanation thereof will not 
be repeated. 

[0079] License information update means 52 reads out 
encrypted license information stored in the third layer 14 of 
the recording medium 11 and decrypts this using the 
medium-specific number 15 stored in the finst layer 12. 
When the Hcense information stored in the third layer 14 is 
encrypted by an individual key generated by individual key 
generation means 42, the key used in decryption will be this 
individual key. Then, the decrypted license information is 
stored in the second layer 13 of the recording medium 11 as 
the license information 16. 

[0080] The operations of this embodiment are show in the 
flow chart of FIG. 9. 

[0081] In Step S41, the encrypted license information 
stored in the third layer 14 of recording medium 11 is read 
out. In Step S42, the read out encrypted license information 
is decrypted by the medium -specific number 15. Here, the 
decryption of the license information can be conducted 
using an individual key generated in Step S22; when encryp- 
tion has been performed using a key generated from the 
encryption of the medium-specific number 15, this key is 
used to conduct decryption. In Step S43, the decrypted 
license information is stored in the second layer 13 of the 
recording medium 11 as the license information 16. 



[0082] Thus when the license information 16 stored in the 
second layer 13 of the recording medium 11 is lost through 
some kind of damage, it can be restored using the encrypted 
license information saved as backup data in the third layer 
14. Because this restoration processing is processed within 
the drive apparatus 51, the license information 16 is not 
output externally, and the unauthorized use of this informa- 
tion is not possible. 

[0083] (B) FIGS. 10 to 12 show an embodiment wherein 
further encryption is conducted using an apparatus-specific 
number specific to an apparatus for driving the recording 
medium 11. 

[0084] As FIG. 10 shows, in a drive apparatus 61, indi- 
vidual key generation means 42, license information 
decrypting means 43, the decryption key storage unit 44, 
contents decryption means 45, the decryption data storage 
unit 46 and license information encrypting means 47 are the 
same as in the embodiment of FIG. 4, so an explanation 
thereof will not be repeated. The drive apparatus 61 further 
comprises an apparatus-specific number storage unit 62 that 
stores an apparatus-specific number. It further comprises 
second license information encrypting means 63. This sec- 
ond license information encrypting means 63 further 
encrypts the encrypted license information encrypted by 
license information encrypting means 47 using the medium- 
specific number 15 by using the apparatus-specific number. 
The license information encrypted by this second license 
information encrypting means 63 is stored in the third layer 
14 of the recording medium 11. 

[0085] In addition, the drive apparatus 61 comprises 
license information update means 64. This license informa- 
tion update means reads out encrypted license information 
saved in the third layer 14 of the recording medium 11; it 
comprises first license information restoration means 65 that 
decrypts this read out encrypted license information using a 
apparatus-specific number stored in the apparatus-specific 
number storage unit 62 and second license information 
restoration means 66 that decrypts the license information 
that first license information restoration means 65 has 
decrypted using the medium-specific number stored in the 
first layer 12 of the recording medium 11. The restored 
license information is stored in the second layer 13 of the 
recording medium 11 as the license information 16. 

[0086] The saving of the backup of the license information 
16 stored in the recording medium U proceeds as shown in 
FIG. 11. 

[0087] First, in Step S51, the license information 16 stored 
in the second layer 13 of the recording medium 11 is read 
out. In Step S52, the read out license information 16 is 
encrypted using the medium-specific number 15 stored in 
the first layer 12. In Step S53, the license information 
encrypted by the medium -specific number 15 is encrypted 
by the apparatus-specific number stored in the apparatus- 
specific number storage unit 62. Thereafter, the encrypted 
license information is stored in the third layer 14 in Step 
S54. 

[0088] When the license information 16 stored in the 
recording medium 11 is lost, restoration of the license 
information is conducted in the process shown in FIG. 12. 

[0089] In Step S61, the encrypted license information 
stored in the third layer 14 of the recording medium 11 is 
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read out. In Step S62, the read out encrypted license infor- 
mation is decrypted using the apparatus-specific number. In 
Step S63, the license information decrypted by the appara- 
tus-specific number is decrypted using the medium -specific 
number 15. In Step S64, the decrypted license information 
is stored in the second layer 13 of the recording medium 11 
as the license information 16. 

[0090] With such a constitution, because the backup data 
of the license information 16 is encrypted by the medium- 
specific number 15 and further encrypted by the apparatus- 
specific number of the drive apparatus 61, even if an illegal 
copy of the data is made, it cannot be used, and the copyright 
is protected. And even if the license information 16 of the 
recording medium 11 is lost, it can be restored using this 
drive apparatus 61, and as long as the copy is authorized the 
contents can be used without waiting for reissue of the use 
rights. 

[0091] The above apparatus-specific number is an appa- 
ratus number specific to the drive apparatus 61 for driving 
the recording medium 11, but an apparatus number specific 
to the computer that the user side is using can also be used. 
Also, when saving the backup data of the license informa- 
tion 16, it is possible, after it has been encrypted using the 
apparatus-specific number, to encrypt it with the medium- 
specific number 15 and store it; thus when it is to be restored, 
after it is decrypted using the medium-specific number 15, 
it is decrypted using the apparatus-specific number. 

[0092] (C) Backup data of the license information 16 can 
also be stored in a different recording medium. An embodi- 
ment of this type will be explained while referring to FIGS. 
13 to 15. 

[0093] A drive apparatus 71 for driving the recording 
medium 11 is connected with a drive apparatus 81 for 
driving a second recording medium 83, and data can be 
exchanged between the two media. A floppy disk drive, a 
hard disk drive, a minidisk, a magnetooptical disk, a DVD 
and the like can be used as the drive apparatus 81, which 
comprises an apparatus-specific number storage unit 82 for 
storing an apparatus-specific number. This apparatus-spe- 
cific number can be output as electronic data. 

[0094] In the drive apparatus 71 that drives the recording 
medium 11, individual key generation means 42, license 
information decrypting means 43, the decryption key stor- 
age unit 44, contents decryption means 45, the decryption 
data storage unit 46 and license information encrypting 
means 47 are the same as in the embodiment of FIG. 4, so 
an explanation thereof will not be repeated. The drive 
apparatus 71 further comprises second license information 
encrypting means 72 and license information update means 
73. Second license information encrypting means 72, using 
the apparatus-specific number of the drive device 81, further 
encrypts the license information encrypted by license infor- 
mation encrypting means 47. Thereafter, the encrypted 
license information is stored in the recording medium 83. 

[0095] License information update means 73 reads out 
encrypted license information saved in the second recording 
medium 83; it comprises first license information restoration 
means 74 that decrypts this encrypted license information 
using an apparatus-specific number stored in the apparatus- 
specific number storage unit 82 and second license infor- 
mation restoration means 75 that uses the medium -specific 



number 15 stored in the first layer 12 of the recording 
medium U to decrypt the license information decrypted by 
first license information restoration means 74. The restored 
license information is stored in the second layer 13 as the 
license information 16 of the recording medium 11. 

[0096] When the backup of the license information 16 
stored in the recording mediiun 11 is to be saved, the process 
shown in FIG. 14 is followed. 

[0097] First, in Step S71, the license information 16 stored 
in the second layer 13 of the recording medium 11 is read 
out. In Step 572, the read out license information 16 is 
encrypted using the medium-specific number 15 stored in 
the first layer 12. In Step S73, the license information 
encrypted by the medium-specific number 15 is encrypted 
by the apparatus-specific number of the drive apparatus 81 
for driving the second recording medium 83. After this, in 
Step S74, the encrypted license information is stored in the 
third layer 14. 

[0098] When the license information 16 stored in the 
recording medium 11 is lost, the restoration processing for 
the license information 16 as shown in FIG, 15 is followed. 

[0099] In Step S81, the encrypted license information 
stored in the second recording medium 83 is read out. In 
Step S82, the read out encrypted license information is 
decrypted using the apparatus-specific number of the drive 
apparatus 81 that drives the second recording medium 83. In 
Step S83, the license information decrypted by the device- 
specific number is decrypted by the medium -specific num- 
ber 15. In Step S84, the decrypted license information is 
stored in the second layer 13 of the recording medium 11 as 
the license information 16. 

[0100] With such a constitution, the backup data of the 
license information 16 can be managed separately from the 
recording medium 11, and a high level of security can be 
maintained. In addition, the user side can manage the license 
information for a plurality of recording media, and even if 
the license information is lost for whatever reason, the user 
side can handle the problem. In this embodiment, too, a 
constitution may be employed such that when the license 
information 16 is encrypted, after encrypting with an appa- 
ratus-specific number, it is encrypted with a medium-spe- 
cific number. In such a case, when this license information 
is to be restored, it will be decrypted with the apparatus- 
specific number after decryption with the medium-specific 
number. 

[0101] (D) The above method can also be applied to a case 
where a user records onto a recording medium encrypted 
data that has been broadcast over cable television, the 
Internet and the like. For example, the broadcast station has 
the user transmit a medium-specific number for the record- 
ing medium on which the encrypted data has been recorded, 
and it transmits to the user a decryption key encrypted with 
that medium-specific number. At the user apparatus, this 
decryption key is stored in the second layer of the recording 
medium as license information. Further, this license infor- 
mation is encrypted by a medium-specific number and 
stored in the third layer. 

[0102] When contents on the recording medium are used, 
it is good to generate a decryption key by decrypting the 
license information using a medium-specific number and 
then decrypt the encrypted data. In such a case, even if the 
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contents are copied onto a different recording medium, 
because the license information is encrypted with a medium- 
specific number, it is difficult to decrypt. Further, it is 
possible to restore this license information using backup 
data, so even if the license information is lost, the user is able 
to restore it. 

Industrial Applicability 

[0103] With the present invention, predetermined infor- 
mation stored in a predetermined area of a recording 
medium is encrypted using medium -specific information 
and derived; even if that information is copied onto a 
different recording medium, it is difficult to decrypt it. For 
example, when electronic data such as software and publi- 
cations is to be stored, if this electronic data is encrypted 
using an encryption key and then stored, and the decryption 
key for decrypting this is encrypted using information 
specific to the recording medium and stored in an area to 
which the user does not have access, there is no need to 
change the encryption key for encrypting for each individual 
user, as a common encryption key can be used and stored. 
Because the encrypted decryption key is so constituted to be 
further encrypted using medium-specific information and 
derived outside the predetermined area, a user backup copy 
can be saved. Because this saved backup data is encrypted 
using medium-specific information, it is difficult to decrypt 
if it is copied to another recording medium, and thus it is 
difficult to obtain a decryption key for decrypting the elec- 
tronic data. Further, because a user can use this backup data 
to restore the decryption key, even if the data is lost through 
some kind of damage, the reissue process can be eliminated. 



What is claimed is: 

1. An information management method wherein prede- 
termined information stored in a predetermined area of a 
recording medium having medium-specific information is 
encrypted using said medium-specific information or a key 
generated therefrom and is derived outside said predeter- 
mined area. 

2. The information management system of claim 1, 
wherein said recording medium comprises a first area stor- 
ing said predetermined information and a second area dif- 
ferent from said first area. 

3. The information management method of claim 2, 
wherein said second area is a user-use area allowing writing 
and reading out of any information in accordance with 
external instructions and said first area is a secure area that 
is not subjea to control by external instructions. 

4. The information management method of claim 3, 
wherein any information stored in said second area is 
encrypted electronic data and predetermined information 
stored in said first area includes license information based on 
use rights for using said electronic data. 

5. The information management method according to 
claim 4, wherein said predetermined information is 
encrypted using said medium -specific information or a key 
generated therefrom and is stored in said predetermined 
area. 

6. The information management method of claim 5, 
wherein said predetermined information is encrypted using 
information specific to an apparatus that drives said record- 
ing medium or a key generated therefrom. 



7. The information management method according to 
claim 6, wherein said encrypted predetermined information 
is stored in said second area. 

8. The information management method of claim 7, 
wherein encrypted predetermined information stored in said 
second area is decrypted using said medium-specific infor- 
mation or a key generated therefrom and the predetermined 
information stored in said first area is updated. 

9. The information management method of claim 7, 
wherein, when said predetermined information is to be 
derived outside said first area, it is encrypted using said 
medium -specific information or a key generated therefrom 
and information specific to an apparatus that drives said 
recording medium or a key generated therefrom. 

10. The information management method of claim 9, 
wherein encrypted predetermined information stored in said 
second area is decrypted using information specific to an 
apparatus that drives said recording medium or a key 
generated therefrom and said medium -specific information 
or a key generated therefrom, and predetermined informa- 
tion stored in said first area is updated. 

11. The information management method according to 
claim 1, wherein said encrypted predetermined information 
is stored on a second recorcling medium different from said 
recording medium. 

12. The information management method of claim 11, 
wherein encrypted predetermined information stored in said 
second recording medium is decrypted using said medium- 
specific information or a key generated therefrom and pre- 
determined information stored in said predetermined area is 
updated. 

13. The information management method of claim 11, 
wherein, when said predetermined information is to be 
derived on said second recording medium, it is encrypted 
using said medium-specific information or a key generated 
therefrom and information specific to an apparatus that 
drives said second recording medium or a key generated 
therefrom. 

14. The information management method of claim 13, 
wherein encrypted predetermined information stored in sec- 
ond recording medium is decrypted using information spe- 
cific to an apparatus that drives said second recording 
medium or a key generated therefrom and said medium- 
specific information or a key generated therefrom, and 
predetermined information stored in said predetermined area 
is updated. 

15. The information management method according to 
claim 1, wherein said medium-specific information can be 
electronically obtained from said recording medium and is 
visually displayed on said recording medium. 

16. The information management method according to 
claim 6, wherein information specific to an apparatus that 
drives said recording medium can be electronically obtained 
from said apparatus and is visually displayed on said appa- 
ratus. 

17. The information management method according to 
claim 13, wherein information specific to an apparatus that 
drives said second recording medium can be electronically 
obtained from said apparatus and is visually displayed on 
said apparatus. 

18. An information management apparatus having 
medium -specific information, and comprising a user-use 
area allowing writing and reading out of any information in 
accordance with external instructions and a secure area that 



02/13/2004, EAST Version: 1.4.1 



us 2001/0008016 Al 



8 



Jul. 12, 2001 



is not subject to control by external instructions, said infor- 
mation management apparatus managing information of a 
recording medium wherein license information based on use 
rights for any information stored in a user-use area is stored 
in a secure area, said information management apparatus 
comprising: 

write and read out means writing any information to and 
reading any information from said user-use area; and 

predetermined information deriving means encrypting 
predetermined information stored in said secure area 
using said medium-specific information or a key gen- 
erated therefrom and deriving the same outside said 
secure area. 

19. The information management apparatus of claim 18, 
wherein said encrypted license information is stored by said 
write and read out means in said user-use area. 

20. The information management apparatus of claim 19, 
further comprising predetermined information update means 
decrypting said encrypted license information stored in said 
user-use area and updating license information stored in said 
secure area. 

21. The information management apparatus according to 
claim 18, comprising apparatus-specific information, 
wherein said predetermined information deriving means 
encrypts said license information using said medium -spe- 
cific information or a key generated therefrom and informa- 
tion specific to said apparatus or a key generated therefrom. 

22. The information management apparatus of claim 21, 
further comprising predetermined information update means 
decrypting encrypted license information stored in said 
user-use area using information specific to said apparatus or 



a key generated therefrom and said medium-specific infor- 
mation or a key generated therefrom and updating license 
information stored in said secure area. 

23. The information management apparatus of claim 18, 
wherein said predetermined information deriving means 
transmits said encrypted license information to a second 
recording medium different from said recording medium. 

24. The information management apparatus of claim 23, 
further comprising predetermined information update means 
decrypting encrypted license information stored in said 
second recording medium using said medium-specific infor- 
mation and updating license information stored in said 
secure area, 

25. The information management apparatus of claim 23, 
wherein an apparatus that drives said second recording 
medium comprises apparatus-specific information and said 
predetermined information deriving means encrypts said 
license information using said medium-specific information 
or a key generated therefrom and information specific to an 
apparatus that drives said second recording medium or a key 
generated therefrom. 

26. The information management apparatus of claim 25, 
further comprising predetermined information update means 
decrypting encrypted license information stored in said 
second recording medium using information specific to an 
apparatus that drives said second recording medium or a key 
derived therefrom and said medium -specific information or 
a key generated therefrom and updating license information 
stored in said secure area. 

***** 
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